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DETAILED ACTION 

Response to Amendment 

1. Applicant's amendment filed 02 June 2008 amends claims 19-21, and 23-24. Applicant's 
amendment has been fully considered and entered. 

Response to Arguments 

2. Applicant argues, "Applicant's claimed system is therefore a machine. . .". This argument 
is not persuasive because the claims do not include any hardware recitations. Instead the 
specification details that system could be implemented in software alone ([0093]). Therefore, 
absent specific hardware, the claims are interpreted as being software only and therefore, non- 
statutory. 

3. Applicant argues, "Xie, Balasubramanian and Chesla fail to teach or suggest maintaining 
a function of a number of occurrences with which messages containing the URL component, or 
the URL component associated with the node, were rejected. ..Examiner admits that Xie does not 
teach this claim element, and cites Balasubramanian for this purpose." This argument is not 
persuasive because Balasubramanian was not used for that purpose. The limitations in question 
are taught by Chelsa ([0017]). 

4. Applicant argues, "Examiner does not cite Chelsa for this claim limitation." This 
argument is not persuasive because on pages 4-5 of the previous Office Action, the Examiner 
stated: 

Xie does not disclose dynamically generated rules when it is determined that packet 
denial is greater than a desired threshold amount. Chelsa discloses maintaining a 
frequency for the number of occurances with which messages were rejected ([0017]). It 
would have been obvious to one of ordinary skill in the art to dynamically generate 
exceptions for the dynamic filter of Xie based on a desired amount of allowable packets 
in order to minimize the blocking of legitimate traffic as taught be Chelsa ([0017]). 
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Therefore, it is clear from the above, that Chelsa teaches the limitation in question. 
Claim Rejections - 35 USC § 101 

5. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

6. Claims 17, 19-24 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non- statutory subject matter. The claims are drawn to a system whose components 
are software only ([0093]). "Functional descriptive material consists of data structures and 
computer programs which impart functionality when employed as a computer component." 
(MPEP 2106). When functional descriptive material is recorded on some computer-readable 
medium it becomes structurally and functionally interrelated to the medium and will be statutory 
in most cases since use of technology permits the function of the descriptive material to be 
realized. See Lowry, 32 F.3d at 1583-84, 32 USPQ2d at 1035. 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

8. The factual inquiries set forth in Graham v. John Deere Co. , 383 U.S. 1 , 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 
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1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

9. Claims 1-17, 19-40 are rejected under 35 U.S.C. 103(a) as being unpatentable over Xie, 
U.S. Patent No. 6,772,347, in view of Balasubramanian, U.S. Publication No. 2005/0086206, 
and further in view of Chelsa, U.S. Publication No. 2004/0250124. Referring to claims 1, 4, 6, 9, 

10, 14, 17, 22, 25, 26, 29, 31-34, 38, Xie discloses a computer network firewall wherein initially 
denied packets are additionally filtered dynamically (Col. 5, lines 45-50 & Figure 6). The 
packets are initially denied based on counter rules that increment the count until a threshold is 
exceeded (Col. 5, lines 10-15), which meets the limitation of receiving a first message, rejecting 
the first message based on a rejection rule. The dynamic filter, filters the initially denied packets 
using an additional set of rules, which are dynamically generated (Col. 5, lines 50-52), which 
meets the limitation of generating an exception rule to the rejection rule. The initially rejected 
packets, and later packets, can be allowed based on the newly generated rules used by the 
dynamic filter (Col. 5, lines 63-66), which meets the limitation of applying the exception rule to 
determine whether to allow the selected component, receiving a second message and allowing 
the second message to pass. Xie discloses filtering packets using rules based on port number and 
IP address (Col. 5, lines 58-60). The rules can be stored in a memory (Col. 4, lines 5-8), which 
meets the limitation of a trie structure, wherein each node in the trie is associated with a 
component. Xie does not specify filtering based on URLs and URL descendants. 
Balasubramanian discloses a rule based filtering system where URL requests are filtered at the 
domain and IP address level, based on rules, to allow/deny traffic for all domains beginning with 
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identified IP address information ([0056] & [0065]-[0067]), which meets the limitation of 
maintaining a frequency for each instance of a URL component, wherein the frequency is a 
function of a number of occurances with which a URL component and its descendants were 
rejected by a rule, selecting a URL component according to a set of constraints, and generating 
an exception rule for the selected URL component and its descendants, the exception rule is 
generated by inferencing a scalar data type of the descendants of the selected URL component. It 
would have been obvious to one of ordinary skill in the art at the time the invention was made to 
dynamically filter the packets of Xie using domain and IP address rules, as taught in 
Balasubramanian, in order to control access to specific areas in web space as taught by 
Balasubramanian (0016]). Xie does not disclose dynamically generated rules when it is 
determined that packet denial is greater than a desired threshold amount. Chelsa discloses 
maintaining a frequency for the number of occurances with which messages were rejected 
([0017]). It would have been obvious to one of ordinary skill in the art to dynamically generate 
exceptions for the dynamic filter of Xie based on a desired amount of allowable packets in order 
to minimize the blocking of legitimate traffic as taught be Chelsa ([0017]). 

Referring to claims 2, 3, 1 1, 12, 19, 20, 27, 28, 35, 36, Xie discloses that the packets are 
initially denied based on counter rules that increment the count until a threshold is exceeded 
(Col. 5, lines 10-15), which meets the limitation of constraints selected with a frequency 
exceeding a threshold and having no children with a frequency above the threshold. Xie 
discloses filtering packets using rules based on port number and IP address (Col. 5, lines 58-60), 
but does not specify filtering based on URLs and URL descendants. Balasubramanian discloses a 
rule based filtering system where URL requests are filtered at the domain and IP address level, 
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based on rules, to allow/deny traffic for all domains beginning with identified IP address 
information ([0056] & [0065]-[0067]), which meets the limitation of the function is an aggregate 
of a number of occurances with which the URL component was rejected by a rule and the 
number of occurrences with which descendants of the URL component were rejected by the rule. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to dynamically filter the packets of Xie using domain and IP address rules, as taught in 
Balasubramanian, in order to control access to specific areas in web space as taught by 
Balasubramanian (0016]). 

Referring to claims 5, 13, 21, 30, 37, Xie discloses that the packets are initially denied 
based on counter rules that increment the count until a threshold is exceeded (Col. 5, lines 10- 
15). The dynamic filter, filters the initially denied packets using an additional set of rules, which 
are dynamically generated (Col. 5, lines 50-52). Balasubramanian discloses a rule based filtering 
system where URL requests are filtered at the domain and IP address level, based on rules, to 
allow/deny traffic for all domains beginning with identified IP address information ([0056] & 
[0065]-[0067]). Xie does not disclose dynamically generated rules when it is determined that 
packet denial is greater than a desired threshold amount. It would have been obvious to one of 
ordinary skill in the art to dynamically generate exceptions for the dynamic filter of Xie based on 
a desired amount of allowable packets in order to minimize the blocking of legitimate traffic as 
taught be Chelsa ([0017]). 

Referring to claims 7, 8, 15, 16, 23, 24, 39, 40, Xie discloses that the packets are initially 
denied based on counter rules that increment the count until a threshold is exceeded (Col. 5, lines 
10-15), which meets the limitation of the frequency is a weighted/direct count of occurrences of 
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the component. Xie discloses filtering packets using rules based on port number and IP address 
(Col. 5, lines 58-60), but does not specify filtering based on URLs and URL descendants. 
Balasubramanian discloses a rule based filtering system where URL requests are filtered at the 
domain and IP address level, based on rules, to allow/deny traffic for all domains beginning with 
identified IP address information ([0056] & [0065]-[0067]), which meets the limitation of the 
function is an aggregate of a number of occurances with which the URL component was rejected 
by a rule and the number of occurrences with which descendants of the URL component were 
rejected by the rule. It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to dynamically filter the packets of Xie using domain and IP address rules, 
as taught in Balasubramanian, in order to control access to specific areas in web space as taught 
by Balasubramanian (0016]). 

Conclusion 

10. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 
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1 1 . Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BENJAMIN E. LANIER whose telephone number is (571)272- 
3805. The examiner can normally be reached on M-Th 6:00am-4:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Benjamin E Lanier/ 

Primary Examiner, Art Unit 2132 



